Skip to content

Latest commit

 

History

History
378 lines (291 loc) · 15.3 KB

compute_interconnect.html.markdown

File metadata and controls

378 lines (291 loc) · 15.3 KB
subcategory description
Compute Engine
Represents an Interconnect resource.

google_compute_interconnect

Represents an Interconnect resource. The Interconnect resource is a dedicated connection between Google's network and your on-premises network.

To get more information about Interconnect, see:

Example Usage - Compute Interconnect Basic

data "google_project" "project" {}

resource "google_compute_interconnect" "example-interconnect" {
  name                 = "example-interconnect"
  customer_name        = "example_customer"
  interconnect_type    = "DEDICATED"
  link_type            = "LINK_TYPE_ETHERNET_10G_LR"
  location             = "https://www.googleapis.com/compute/v1/projects/${data.google_project.project.name}/global/interconnectLocations/iad-zone1-1"
  requested_link_count = 1
}

Argument Reference

The following arguments are supported:

  • name - (Required) Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

  • link_type - (Required) Type of link requested. Note that this field indicates the speed of each of the links in the bundle, not the speed of the entire bundle. Can take one of the following values:

    • LINK_TYPE_ETHERNET_10G_LR: A 10G Ethernet with LR optics.
    • LINK_TYPE_ETHERNET_100G_LR: A 100G Ethernet with LR optics. Possible values are: LINK_TYPE_ETHERNET_10G_LR, LINK_TYPE_ETHERNET_100G_LR.

  • requested_link_count - (Required) Target number of physical links in the link bundle, as requested by the customer.

  • interconnect_type - (Required) Type of interconnect. Note that a value IT_PRIVATE has been deprecated in favor of DEDICATED. Can take one of the following values:

    • PARTNER: A partner-managed interconnection shared between customers though a partner.
    • DEDICATED: A dedicated physical interconnection with the customer. Possible values are: DEDICATED, PARTNER, IT_PRIVATE.

  • description - (Optional) An optional description of this resource. Provide this property when you create the resource.

  • location - (Optional) URL of the InterconnectLocation object that represents where this connection is to be provisioned. Specifies the location inside Google's Networks, should not be passed in case of cross-cloud interconnect.

  • admin_enabled - (Optional) Administrative status of the interconnect. When this is set to true, the Interconnect is functional and can carry traffic. When set to false, no packets can be carried over the interconnect and no BGP routes are exchanged over it. By default, the status is set to true.

  • noc_contact_email - (Optional) Email address to contact the customer NOC for operations and maintenance notifications regarding this Interconnect. If specified, this will be used for notifications in addition to all other forms described, such as Cloud Monitoring logs alerting and Cloud Notifications. This field is required for users who sign up for Cloud Interconnect using workforce identity federation.

  • customer_name - (Optional) Customer name, to put in the Letter of Authorization as the party authorized to request a crossconnect. This field is required for Dedicated and Partner Interconnect, should not be specified for cross-cloud interconnect.

  • labels - (Optional) Labels for this resource. These can only be added or modified by the setLabels method. Each label key/value pair must comply with RFC1035. Label values may be empty.

    Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field effective_labels for all of the labels present on the resource.

  • macsec - (Optional) Configuration that enables Media Access Control security (MACsec) on the Cloud Interconnect connection between Google and your on-premises router. Structure is documented below.

  • macsec_enabled - (Optional) Enable or disable MACsec on this Interconnect connection. MACsec enablement fails if the MACsec object is not specified.

  • remote_location - (Optional) Indicates that this is a Cross-Cloud Interconnect. This field specifies the location outside of Google's network that the interconnect is connected to.

  • requested_features - (Optional) interconnects.list of features requested for this Interconnect connection. Options: IF_MACSEC ( If specified then the connection is created on MACsec capable hardware ports. If not specified, the default value is false, which allocates non-MACsec capable ports first if available). Note that MACSEC is still technically allowed for compatibility reasons, but it does not work with the API, and will be removed in an upcoming major version. Each value may be one of: MACSEC, IF_MACSEC.

  • project - (Optional) The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

The macsec block supports:

  • pre_shared_keys - (Required) A keychain placeholder describing a set of named key objects along with their start times. A MACsec CKN/CAK is generated for each key in the key chain. Google router automatically picks the key with the most recent startTime when establishing or re-establishing a MACsec secure link. Structure is documented below.

  • fail_open - (Optional) If set to true, the Interconnect connection is configured with a should-secure MACsec security policy, that allows the Google router to fallback to cleartext traffic if the MKA session cannot be established. By default, the Interconnect connection is configured with a must-secure security policy that drops all traffic if the MKA session cannot be established with your router.

The pre_shared_keys block supports:

  • name - (Required) A name for this pre-shared key. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

  • start_time - (Optional) A RFC3339 timestamp on or after which the key is valid. startTime can be in the future. If the keychain has a single key, startTime can be omitted. If the keychain has multiple keys, startTime is mandatory for each key. The start times of keys must be in increasing order. The start times of two consecutive keys must be at least 6 hours apart.

  • fail_open - (Optional, Deprecated) If set to true, the Interconnect connection is configured with a should-secure MACsec security policy, that allows the Google router to fallback to cleartext traffic if the MKA session cannot be established. By default, the Interconnect connection is configured with a must-secure security policy that drops all traffic if the MKA session cannot be established with your router.

    ~> Warning: failOpen is deprecated and will be removed in a future major release. Use other failOpen instead.

Attributes Reference

In addition to the arguments listed above, the following computed attributes are exported:

  • id - an identifier for the resource with format projects/{{project}}/global/interconnects/{{name}}

  • creation_timestamp - Creation timestamp in RFC3339 text format.

  • operational_status - The current status of this Interconnect's functionality, which can take one of the following:

    • OS_ACTIVE: A valid Interconnect, which is turned up and is ready to use. Attachments may be provisioned on this Interconnect.
    • OS_UNPROVISIONED: An Interconnect that has not completed turnup. No attachments may be provisioned on this Interconnect.
    • OS_UNDER_MAINTENANCE: An Interconnect that is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect.

  • provisioned_link_count - Number of links actually provisioned in this interconnect.

  • interconnect_attachments - A list of the URLs of all InterconnectAttachments configured to use this Interconnect.

  • peer_ip_address - IP address configured on the customer side of the Interconnect link. The customer should configure this IP address during turnup when prompted by Google NOC. This can be used only for ping tests.

  • google_ip_address - IP address configured on the Google side of the Interconnect link. This can be used only for ping tests.

  • google_reference_id - Google reference ID to be used when raising support tickets with Google or otherwise to debug backend connectivity issues.

  • expected_outages - A list of outages expected for this Interconnect. Structure is documented below.

  • circuit_infos - A list of CircuitInfo objects, that describe the individual circuits in this LAG. Structure is documented below.

  • label_fingerprint - A fingerprint for the labels being applied to this Interconnect, which is essentially a hash of the labels set used for optimistic locking. The fingerprint is initially generated by Compute Engine and changes after every request to modify or update labels. You must always provide an up-to-date fingerprint hash in order to update or change labels, otherwise the request will fail with error 412 conditionNotMet.

  • state - The current state of Interconnect functionality, which can take one of the following values:

    • ACTIVE: The Interconnect is valid, turned up and ready to use. Attachments may be provisioned on this Interconnect.
    • UNPROVISIONED: The Interconnect has not completed turnup. No attachments may b provisioned on this Interconnect.
    • UNDER_MAINTENANCE: The Interconnect is undergoing internal maintenance. No attachments may be provisioned or updated on this Interconnect.

  • satisfies_pzs - Reserved for future use.

  • available_features - interconnects.list of features available for this Interconnect connection. Can take the value: MACSEC. If present then the Interconnect connection is provisioned on MACsec capable hardware ports. If not present then the Interconnect connection is provisioned on non-MACsec capable ports and MACsec isn't supported and enabling MACsec fails).

  • terraform_labels - The combination of labels configured directly on the resource and default labels configured on the provider.

  • effective_labels - All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Terraform, other clients and services.

The expected_outages block contains:

  • name - (Output) Unique identifier for this outage notification.

  • description - (Output) A description about the purpose of the outage.

  • source - (Output) The party that generated this notification. Note that the value of NSRC_GOOGLE has been deprecated in favor of GOOGLE. Can take the following value:

    • GOOGLE: this notification as generated by Google.

  • state - (Output) State of this notification. Note that the versions of this enum prefixed with "NS_" have been deprecated in favor of the unprefixed values. Can take one of the following values:

    • ACTIVE: This outage notification is active. The event could be in the past, present, or future. See startTime and endTime for scheduling.
    • CANCELLED: The outage associated with this notification was cancelled before the outage was due to start.
    • COMPLETED: The outage associated with this notification is complete.

  • issue_type - (Output) Form this outage is expected to take. Note that the versions of this enum prefixed with "IT_" have been deprecated in favor of the unprefixed values. Can take one of the following values:

    • OUTAGE: The Interconnect may be completely out of service for some or all of the specified window.
    • PARTIAL_OUTAGE: Some circuits comprising the Interconnect as a whole should remain up, but with reduced bandwidth.

  • affected_circuits - (Output) If issueType is IT_PARTIAL_OUTAGE, a list of the Google-side circuit IDs that will be affected.

  • start_time - (Output) Scheduled start time for the outage (milliseconds since Unix epoch).

  • end_time - (Output) Scheduled end time for the outage (milliseconds since Unix epoch).

The circuit_infos block contains:

  • google_circuit_id - (Output) Google-assigned unique ID for this circuit. Assigned at circuit turn-up.

  • google_demarc_id - (Output) Google-side demarc ID for this circuit. Assigned at circuit turn-up and provided by Google to the customer in the LOA.

  • customer_demarc_id - (Output) Customer-side demarc ID for this circuit.

Timeouts

This resource provides the following Timeouts configuration options:

  • create - Default is 20 minutes.
  • update - Default is 20 minutes.
  • delete - Default is 20 minutes.

Import

Interconnect can be imported using any of these accepted formats:

  • projects/{{project}}/global/interconnects/{{name}}
  • {{project}}/{{name}}
  • {{name}}

In Terraform v1.5.0 and later, use an import block to import Interconnect using one of the formats above. For example:

import {
  id = "projects/{{project}}/global/interconnects/{{name}}"
  to = google_compute_interconnect.default
}

When using the terraform import command, Interconnect can be imported using one of the formats above. For example:

$ terraform import google_compute_interconnect.default projects/{{project}}/global/interconnects/{{name}}
$ terraform import google_compute_interconnect.default {{project}}/{{name}}
$ terraform import google_compute_interconnect.default {{name}}

User Project Overrides

This resource supports User Project Overrides.